syndication.realsrv.com Open in urlscan Pro
95.211.229.246 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://syndication.realsrv.com/ads-iframe-display.php?idzone=3206393&type=300x250&p=https%3A//www.xzorra.com/follando-a-mi-veci...
Submission: On March 05 via api (March 5th 2021, 3:00:07 am UTC) from DE

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 10 HTTP transactions. The main IP is 95.211.229.246, located in Netherlands and belongs to LEASEWEB-NL-AMS-01 Netherlands, NL. The main domain is syndication.realsrv.com.
TLS certificate: Issued by R3 on January 11th 2021. Valid for: 3 months.

This is the only time syndication.realsrv.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	95.211.229.246 95.211.229.246	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	185.75.253.85 185.75.253.85	48684 (VIKINGHOST) (VIKINGHOST)
5	66.254.122.112 66.254.122.112	29789 (REFLECTED) (REFLECTED)
2	2606:4700::68... 2606:4700::6810:7544	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	66.254.122.102 66.254.122.102	29789 (REFLECTED) (REFLECTED)
10	6

1 95.211.229.246 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

syndication.realsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.75.253.85 (Netherlands)

ASN48684 (VIKINGHOST, NL)

bngpt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 66.254.122.112 (United States)

ASN29789 (REFLECTED, US)

i.bongacash.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7544 (United States)

ASN13335 (CLOUDFLARENET, US)

i.bimbolive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.254.122.102 (United States)

ASN29789 (REFLECTED, US)

db.bngpt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	bongacash.com i.bongacash.com	52 KB
2	bimbolive.com i.bimbolive.com	18 KB
2	bngpt.com bngpt.com db.bngpt.com	283 KB
1	realsrv.com syndication.realsrv.com	1 KB
10	4

	Domain	Requested by
5	i.bongacash.com	bngpt.com
2	i.bimbolive.com	bngpt.com
1	db.bngpt.com	bngpt.com
1	bngpt.com	syndication.realsrv.com
1	syndication.realsrv.com
10	5

This site contains no links.

Subject Issuer	Validity	Valid
realsrv.com R3	`2021-01-11` - `2021-04-11`	3 months	crt.sh
bngpt.com Sectigo RSA Domain Validation Secure Server CA	`2020-03-24` - `2021-03-24`	a year	crt.sh
*.bongacash.com Sectigo RSA Domain Validation Secure Server CA	`2020-03-05` - `2021-06-03`	a year	crt.sh
i.bimbolive.com Cloudflare Inc ECC CA-3	`2020-07-05` - `2021-07-05`	a year	crt.sh
db.bngwlt.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-29` - `2021-04-29`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://syndication.realsrv.com/ads-iframe-display.php?idzone=3206393&type=300x250&p=https%3A//www.xzorra.com/follando-a-mi-vecino-mexicano-caliente-mienstras-estoy-sola-en-verano/&dt=1614945060032&sub=&tags=&cookieconsent=true&screen_resolution=1280x1024&el=%22
Frame ID: 9DE1CF6CC141233D0823F6AF905014C2
Requests: 1 HTTP requests in this frame

Frame: https://bngpt.com/promo.php?c=680190&subid=oodbPHNLPHPLHPRU7YHrqJ5a6LqHUzUVy1VVOldRLKqeqV11jqZnTumrdK6V0rrKZnV0zW1UWunrmtpnqdK6V07p3SuldM6V0rpnO3q32z14qu1us0rmm11p4nrp1rroo3m3zdK5TAkJnHqH9009sqppZ6XOldK6V1tDpXSuD7A-&subid2=3206393&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Frame ID: 2547A9E0C84B131386675019C40DA9BE
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

10
Requests

100 %
HTTPS

20 %
IPv6

4
Domains

5
Subdomains

6
IPs

2
Countries

354 kB
Transfer

546 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set ads-iframe-display.php Show response
syndication.realsrv.com/ 1 KB
1 KB 106ms
45ms Document
text/html 95.211.229.246
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://syndication.realsrv.com/ads-iframe-display.php?idzone=3206393&type=300x250&p=https%3A//www.xzorra.com/follando-a-mi-vecino-mexicano-caliente-mienstras-estoy-sola-en-verano/&dt=1614945060032&sub=&tags=&cookieconsent=true&screen_resolution=1280x1024&el=%22
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4cb282dd44111c6457804a09c1eb3c1a56a04f486ba83b3179b277aeea8e0260

Request headers

Host: syndication.realsrv.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx
Date: Fri, 05 Mar 2021 02:59:50 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%2260419ea6549ba3.33609714213778409%22%3B%7D; expires=Sun, 05 Mar 2023 02:59:50 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
Content-Encoding: gzip

GET
H2 200 promo.php Show response
bngpt.com/ Frame 2547 127 KB
42 KB 160ms
96ms Document
text/html 185.75.253.85
VIKINGHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://bngpt.com/promo.php?c=680190&subid=oodbPHNLPHPLHPRU7YHrqJ5a6LqHUzUVy1VVOldRLKqeqV11jqZnTumrdK6V0rrKZnV0zW1UWunrmtpnqdK6V07p3SuldM6V0rpnO3q32z14qu1us0rmm11p4nrp1rroo3m3zdK5TAkJnHqH9009sqppZ6XOldK6V1tDpXSuD7A-&subid2=3206393&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0

Requested by

Host: syndication.realsrv.com
URL: https://syndication.realsrv.com/ads-iframe-display.php?idzone=3206393&type=300x250&p=https%3A//www.xzorra.com/follando-a-mi-vecino-mexicano-caliente-mienstras-estoy-sola-en-verano/&dt=1614945060032&sub=&tags=&cookieconsent=true&screen_resolution=1280x1024&el=%22

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.75.253.85 , Netherlands, ASN48684 (VIKINGHOST, NL),

Reverse DNS

Software

nginx /

Resource Hash

c32d6eec7219bbe7027a8b136fbaef263b2cd596bbef24323ba2e3754737d6af

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

:method: GET
:authority: bngpt.com
:scheme: https
:path: /promo.php?c=680190&subid=oodbPHNLPHPLHPRU7YHrqJ5a6LqHUzUVy1VVOldRLKqeqV11jqZnTumrdK6V0rrKZnV0zW1UWunrmtpnqdK6V07p3SuldM6V0rpnO3q32z14qu1us0rmm11p4nrp1rroo3m3zdK5TAkJnHqH9009sqppZ6XOldK6V1tDpXSuD7A-&subid2=3206393&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://syndication.realsrv.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://syndication.realsrv.com/

Response headers

server: nginx
date: Fri, 05 Mar 2021 02:59:51 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin
expires: Fri, 05 Mar 2021 02:59:50 GMT
cache-control: no-cache public
x-bcs: ded7383
strict-transport-security: max-age=0;
content-encoding: gzip
x-bc-bl: 105

GET
H2 200 jquery.tools.min.js Show response
i.bongacash.com/dynamic_banner/ Frame 2547 135 KB
46 KB 101ms
32ms Script
application/x-javascript 66.254.122.112
REFLECTED

General

Check archive.org

Show headers Download Go to

Full URL: https://i.bongacash.com/dynamic_banner/jquery.tools.min.js
Requested by: Host: bngpt.com
URL: https://bngpt.com/promo.php?c=680190&subid=oodbPHNLPHPLHPRU7YHrqJ5a6LqHUzUVy1VVOldRLKqeqV11jqZnTumrdK6V0rrKZnV0zW1UWunrmtpnqdK6V07p3SuldM6V0rpnO3q32z14qu1us0rmm11p4nrp1rroo3m3zdK5TAkJnHqH9009sqppZ6XOldK6V1tDpXSuD7A-&subid2=3206393&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.254.122.112 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash: e666784dfb5c0770b088874d0217b90b7404d14bd6149843f3b5952b9a5f9197

Request headers

Referer: https://bngpt.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 02:59:50 GMT
content-encoding: gzip
last-modified: Tue, 18 Jun 2019 13:44:19 GMT
x-cdn-diag-r: fra1-11058-7-18150-h-0-0---
x-shm-miss: true
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2592000
x-cdn-diag: fra1-11058-4-17391-h-0-0---;110584-14-20605----0-0-1
expires: Sat, 14 Nov 2020 07:18:40 GMT

GET
H2 200 logo2_default.png
i.bongacash.com/dynamic_banner/images/ Frame 2547 4 KB
4 KB 96ms
32ms Image
image/png 66.254.122.112
REFLECTED

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bongacash.com/dynamic_banner/images/logo2_default.png
Requested by: Host: bngpt.com
URL: https://bngpt.com/promo.php?c=680190&subid=oodbPHNLPHPLHPRU7YHrqJ5a6LqHUzUVy1VVOldRLKqeqV11jqZnTumrdK6V0rrKZnV0zW1UWunrmtpnqdK6V07p3SuldM6V0rpnO3q32z14qu1us0rmm11p4nrp1rroo3m3zdK5TAkJnHqH9009sqppZ6XOldK6V1tDpXSuD7A-&subid2=3206393&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.254.122.112 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash: ea5bb79665ee9cab463d102ec757ae3028aab2c32267326aeb6c1a8aa978cc4f

Request headers

Referer: https://bngpt.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 02:59:50 GMT
last-modified: Tue, 18 Jun 2019 13:44:19 GMT
content-type: image/png
cache-control: max-age=2592000
x-cdn-diag: fra1-11059-1-41498-h-0-0---;110584-14-20605----0-0-0
accept-ranges: bytes
content-length: 3813
expires: Wed, 27 Jan 2021 08:42:04 GMT

GET
H2 200 video_back.gif
i.bongacash.com/dynamic_banner/images/ Frame 2547 44 B
269 B 33ms
32ms Image
image/gif 66.254.122.112
REFLECTED

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bongacash.com/dynamic_banner/images/video_back.gif
Requested by: Host: bngpt.com
URL: https://bngpt.com/promo.php?c=680190&subid=oodbPHNLPHPLHPRU7YHrqJ5a6LqHUzUVy1VVOldRLKqeqV11jqZnTumrdK6V0rrKZnV0zW1UWunrmtpnqdK6V07p3SuldM6V0rpnO3q32z14qu1us0rmm11p4nrp1rroo3m3zdK5TAkJnHqH9009sqppZ6XOldK6V1tDpXSuD7A-&subid2=3206393&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.254.122.112 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash: 45ec8d91945614154aa6d7310bcfc5f00ea6d89647f51d8be503c988a3a91f13

Request headers

Referer: https://bngpt.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 02:59:50 GMT
last-modified: Tue, 18 Jun 2019 13:44:19 GMT
content-type: image/gif
cache-control: max-age=2592000
x-cdn-diag: fra1-11023-6-16404-h-0-0---;110584-15-20605----0-0-1
accept-ranges: bytes
content-length: 44
expires: Sat, 14 Nov 2020 07:18:40 GMT

GET
H2 200 russian.png
i.bongacash.com/dynamic_banner/images/lang/ Frame 2547 287 B
512 B 32ms
32ms Image
image/png 66.254.122.112
REFLECTED

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bongacash.com/dynamic_banner/images/lang/russian.png
Requested by: Host: bngpt.com
URL: https://bngpt.com/promo.php?c=680190&subid=oodbPHNLPHPLHPRU7YHrqJ5a6LqHUzUVy1VVOldRLKqeqV11jqZnTumrdK6V0rrKZnV0zW1UWunrmtpnqdK6V07p3SuldM6V0rpnO3q32z14qu1us0rmm11p4nrp1rroo3m3zdK5TAkJnHqH9009sqppZ6XOldK6V1tDpXSuD7A-&subid2=3206393&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.254.122.112 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash: 4bfa891ddc3786bc6ad204bb6e25cfa3f70d4e2a2bd9a47d5d1354d1d13ea492

Request headers

Referer: https://bngpt.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 02:59:50 GMT
last-modified: Tue, 18 Jun 2019 13:44:19 GMT
content-type: image/png
cache-control: max-age=2592000
x-cdn-diag: fra1-11051-3-5006-h-0-0---;110584-15-20605----0-0-1
accept-ranges: bytes
content-length: 287
expires: Sat, 14 Nov 2020 07:18:42 GMT

GET
H2 200 english.png
i.bongacash.com/dynamic_banner/images/lang/ Frame 2547 542 B
768 B 32ms
32ms Image
image/png 66.254.122.112
REFLECTED

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bongacash.com/dynamic_banner/images/lang/english.png
Requested by: Host: bngpt.com
URL: https://bngpt.com/promo.php?c=680190&subid=oodbPHNLPHPLHPRU7YHrqJ5a6LqHUzUVy1VVOldRLKqeqV11jqZnTumrdK6V0rrKZnV0zW1UWunrmtpnqdK6V07p3SuldM6V0rpnO3q32z14qu1us0rmm11p4nrp1rroo3m3zdK5TAkJnHqH9009sqppZ6XOldK6V1tDpXSuD7A-&subid2=3206393&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.254.122.112 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash: 097f8db12c193936f803052d0e27068c5e8959011a541b12d609c5c73d464d52

Request headers

Referer: https://bngpt.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 02:59:50 GMT
last-modified: Tue, 18 Jun 2019 13:44:19 GMT
content-type: image/png
cache-control: max-age=2592000
x-cdn-diag: fra1-11023-7-16555-h-0-0---;110584-18-20605----0-0-0
accept-ranges: bytes
content-length: 542
expires: Sat, 14 Nov 2020 07:18:41 GMT

GET
H2 200 4df2aa29a8dfde6a55116e750a2e6ac2_thumb_medium.jpg
i.bimbolive.com/068/124/2af/ Frame 2547 9 KB
9 KB 31ms
11ms Image
image/jpeg 2606:4700::6810:7544
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bimbolive.com/068/124/2af/4df2aa29a8dfde6a55116e750a2e6ac2_thumb_medium.jpg
Requested by: Host: bngpt.com
URL: https://bngpt.com/promo.php?c=680190&subid=oodbPHNLPHPLHPRU7YHrqJ5a6LqHUzUVy1VVOldRLKqeqV11jqZnTumrdK6V0rrKZnV0zW1UWunrmtpnqdK6V07p3SuldM6V0rpnO3q32z14qu1us0rmm11p4nrp1rroo3m3zdK5TAkJnHqH9009sqppZ6XOldK6V1tDpXSuD7A-&subid2=3206393&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:7544 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f79dc4b0379269f50553082d280c4fcb400179c94e765339ea5612ecfdbfb107

Request headers

Referer: https://bngpt.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-bc-o: 1
date: Fri, 05 Mar 2021 02:59:50 GMT
cf-cache-status: HIT
age: 1844085
x-o1-p6: MISS
content-length: 9138
cf-request-id: 08a1ecd39900004e1f918aa000000001
last-modified: Thu, 11 Feb 2021 03:23:05 GMT
server: cloudflare
etag: "6024a319-23b2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 13 Mar 2021 18:45:05 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 62b017328d3c4e1f-FRA
cf-bgj: h2pri

GET
H2 206 stream_baby-jade.webm
db.bngpt.com/ Frame 2547 241 KB
241 KB 100ms
31ms Media
video/webm 66.254.122.102
REFLECTED

General

Check archive.org

Show headers Download Go to

Full URL: https://db.bngpt.com/stream_baby-jade.webm
Requested by: Host: bngpt.com
URL: https://bngpt.com/promo.php?c=680190&subid=oodbPHNLPHPLHPRU7YHrqJ5a6LqHUzUVy1VVOldRLKqeqV11jqZnTumrdK6V0rrKZnV0zW1UWunrmtpnqdK6V07p3SuldM6V0rpnO3q32z14qu1us0rmm11p4nrp1rroo3m3zdK5TAkJnHqH9009sqppZ6XOldK6V1tDpXSuD7A-&subid2=3206393&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.254.122.102 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash: b3820793e585fe8d13dae5eeb8662ada9d2f6738e03905395cc600cc50c63ace

Request headers

Referer: https://bngpt.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 05 Mar 2021 02:59:50 GMT
last-modified: Thu, 04 Mar 2021 23:10:10 GMT
etag: "604168d2-3c31d"
content-type: video/webm
Content-Range: bytes 0-246556/246557
cache-control: max-age=43200
x-cdn-diag: fra1-11015-2-11931-h-0-0---;110372-14-27301----0-0-0
Content-Length: 246557
expires: Fri, 05 Mar 2021 11:48:48 GMT

GET
DATA 200
OK truncated
/ Frame 2547 21 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b336e72ade9127a8f50308df1bc4f5cd3a89482832cd0768802b4e63bf1b25e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4df2aa29a8dfde6a55116e750a2e6ac2_thumb_medium.jpg
i.bimbolive.com/068/124/2af/ Frame 2547 9 KB
9 KB 11ms
10ms Image
image/jpeg 2606:4700::6810:7544
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bimbolive.com/068/124/2af/4df2aa29a8dfde6a55116e750a2e6ac2_thumb_medium.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:7544 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f79dc4b0379269f50553082d280c4fcb400179c94e765339ea5612ecfdbfb107

Request headers

Referer: https://bngpt.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-bc-o: 1
date: Fri, 05 Mar 2021 02:59:50 GMT
cf-cache-status: HIT
age: 1844085
x-o1-p6: MISS
content-length: 9138
cf-request-id: 08a1ecd43400004e1fe289c000000001
last-modified: Thu, 11 Feb 2021 03:23:05 GMT
server: cloudflare
etag: "6024a319-23b2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 13 Mar 2021 18:45:05 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 62b017338e0d4e1f-FRA
cf-bgj: h2pri

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.realsrv.com/	1970-01-20 10:06:25	Name: __uvt Value: a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%2260419ea6549ba3.33609714213778409%22%3B%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bngpt.com
db.bngpt.com
i.bimbolive.com
i.bongacash.com
syndication.realsrv.com
185.75.253.85
2606:4700::6810:7544
66.254.122.102
66.254.122.112
95.211.229.246
097f8db12c193936f803052d0e27068c5e8959011a541b12d609c5c73d464d52
45ec8d91945614154aa6d7310bcfc5f00ea6d89647f51d8be503c988a3a91f13
4bfa891ddc3786bc6ad204bb6e25cfa3f70d4e2a2bd9a47d5d1354d1d13ea492
4cb282dd44111c6457804a09c1eb3c1a56a04f486ba83b3179b277aeea8e0260
8b336e72ade9127a8f50308df1bc4f5cd3a89482832cd0768802b4e63bf1b25e
b3820793e585fe8d13dae5eeb8662ada9d2f6738e03905395cc600cc50c63ace
c32d6eec7219bbe7027a8b136fbaef263b2cd596bbef24323ba2e3754737d6af
e666784dfb5c0770b088874d0217b90b7404d14bd6149843f3b5952b9a5f9197
ea5bb79665ee9cab463d102ec757ae3028aab2c32267326aeb6c1a8aa978cc4f
f79dc4b0379269f50553082d280c4fcb400179c94e765339ea5612ecfdbfb107

syndication.realsrv.com Open in urlscan Pro 95.211.229.246 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

20 %IPv6

4 Domains

5 Subdomains

6 IPs

2 Countries

354 kBTransfer

546 kBSize

1 Cookies

0 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

1 Cookies

Indicators

syndication.realsrv.com Open in urlscan Pro
95.211.229.246 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

20 %
IPv6

4
Domains

5
Subdomains

6
IPs

2
Countries

354 kB
Transfer

546 kB
Size

1
Cookies

10 HTTP transactions
1 data transactions